Russia’s Military Apps Use West’s Open Infrastructure

Russia’s war on Ukraine is powered not just by weapons but by a decentralized ecosystem of Android military apps developed by Russian forces and affiliates. These tools rely heavily on Western cloud services – often provided by companies based in countries sanctioning Russia. The analysis of corresponding APK files (a format used to distribute Android apps) shows they use US- and EU-based infrastructure, open-source maps, and Android's permissive sideloading model. This exposes a dangerous gap in how open tech infrastructure is governed in wartime.

The Hidden Backbone of Russia’s War Apps

In my research titled ‘The Cloud of War: How Russian Military Mobile Applications Exploit Western Tech in the War Against Ukraine’, I analysed 62 Russian military apps, covering artillery, drones, logistics, and weather tools. All were sideloaded – installed outside official app stores, usually distributed via war-related Telegram channels. The sideloading model, a core feature of Android apps ecosystem, deliberately and radically different from the path that Apple has taken, enables a decentralized and largely invisible app distribution network that sidesteps oversight by Google or other regulators. The result is a resilient digital supply chain that operates beneath the radar of traditional platform governance. Measures by Google to restrict sideloading on Android, which have been permitted in countries including Singapore, are impeded by European Union competition law.

These apps are not standalone tools; they connect to a web of backend services for storage, map rendering, telemetry, communication – and most importantly for meteorological and mapping data, which Russia is unable to produce. I identified 323 domain names and 387 IP addresses embedded within these apps, over 70% of which were hosted in the United States. Top providers included Amazon Web Services, Google Cloud, and Cloudflare, reflecting the state of the market. Chinese Alibaba and Huawei were present, although less significant due to the market share of Western cloud providers. In essence, while Western cloud providers deliver irreplaceable support to Ukraine, their infrastructure unintentionally underpins Russian military software.

Open Maps for Open Targeting

As mentioned, one of the most strategically significant elements of this ecosystem is geospatial intelligence, which Russia lacks badly. Many apps in my analysis fall back on civilian mapping data sources and access or embed services like OpenStreetMap, Mapbox, Thunderforest, and OpenTopoMap. These are open-source or commercial platforms designed for public utility – but they are repurposed in war.

Some apps not included in the final sample due to their dual-use classification, are known to be highly popular among Russian forces. AlpineQuest, for example, allows users to cache maps for offline use, mark waypoints, and overlay tactical information – making it ideal for both peacetime hiking and wartime targeting.

This widespread availability of precise, customizable map data – combined with Android’s openness and flexibility – has enabled Russia to build sophisticated tactical systems with minimal resources, powered largely by infrastructure from countries that oppose its illegal invasion of Ukraine.

A Moral and Strategic Dilemma

The paradox is stark. Western tech companies, praised for providing vital support for Ukraine’s digital resilience, also unknowingly support the infrastructure used by Russian apps guiding artillery and drones. This is not the result of negligence or complicity – it is a consequence of systemic openness. Russia exploits cloud platform neutrality, sideloading freedom, and open data with the same cynicism it applies to international law and wartime conventions.

This creates a profound dilemma. Should cloud providers be considered neutral infrastructure during war? Can a company simultaneously support a country under attack while enabling the aggressor's battlefield technology?

Risks of Inaction

The cost of ignoring this digital loophole is high. First, it undermines the credibility and enforcement of sanctions regimes – especially those targeting the tech sector. Second, it allows Russia to mask military infrastructure within Western platforms, making it harder to detect, attribute, or disrupt through cyber or kinetic means. Third, it sets a dangerous precedent: that open-source tools and commercial platforms are fair game for wartime exploitation, regardless of origin or intent.

This normalization of global tech as a weapon of war may embolden other authoritarian states to do the same, leveraging democratic openness against itself.

What Must Be Done

To mitigate these risks, governments and technology companies must take proactive steps:

1. Monitor and analyse usage patterns on cloud platforms to detect military activity by the entities waging illegal wars of aggression.
2. Enforce geofencing and API-level restrictions to block the Russian military and affiliated developers from exploiting Western cloud infrastructure.
3. Increase scrutiny of the app ecosystem, urging app stores and malware analysts to identify and flag sideloaded military tools.
4. Reassess tech neutrality policies for cloud and open-source platforms during wartime, establishing principles for responsible use in conflict zones.

Naturally, these measures are proposed as a starting point and will require thorough consultation with cloud infrastructure experts to address potential drawbacks, such as risks to user privacy, avenues for circumvention, and legal constraints on enforcement. Within the cybersecurity sector it is hoped that cloud providers will actively join the dialogue and bring forward their own solutions to achieve the intended outcomes responsibly.

Restricting Russian access to global cloud services would not eliminate the military app ecosystem – but it would erode its capabilities. Developers would be forced to relocate to domestic infrastructure, where performance and redundancy would suffer. More importantly, infrastructure hosted within Russia becomes easier to identify and more clearly targetable under international humanitarian law and cyber norms.

Conclusion: Closing the Digital Loophole

Russia’s war machine is not just physical. It is digital, distributed, and – ironically – democratic in its use of open technology. The very platforms that uphold freedom of expression and civil innovation in the West and were critical for Ukraine’s survival in the early days of the full-scale Russian invasion, are being weaponized by Russia to guide artillery, coordinate drone strikes, and transmit battlefield intelligence.

If democracies wish to protect the integrity of their technologies and the values they represent, they must act decisively. Openness without responsibility invites abuse. Until concrete steps are taken, Western infrastructure will remain an invisible enabler of the war.

And we need to stop sustaining the war we seek to end.

© Volodymyr Styran, 2025, published by RUSI with permission of the author.

The views expressed in this Commentary are the author's, and do not represent those of RUSI or any other institution.

For terms of use, see Website Terms and Conditions of Use.

Have an idea for a Commentary you'd like to write for us? Send a short pitch to commentaries@rusi.org and we'll get back to you if it fits into our research interests. View full guidelines for contributors.